security.js
129 lines
| 4.0 KiB
| application/javascript
|
JavascriptLexer
Jonathan Frederic
|
r17196 | // Copyright (c) IPython Development Team. | ||
| // Distributed under the terms of the Modified BSD License. | ||||
Brian E. Granger
|
r15632 | |||
|
Jonathan Frederic
|
r17196 | define([ | ||
| 'base/js/namespace', | ||||
Jonathan Frederic
|
r17200 | 'jquery', | ||
|
Jonathan Frederic
|
r17198 | 'components/google-caja/html-css-sanitizer-minified', | ||
|
Jonathan Frederic
|
r17196 | ], function(IPython, $) { | ||
|
Brian E. Granger
|
r15632 | "use strict"; | ||
MinRK
|
r15636 | |||
| var noop = function (x) { return x; }; | ||||
|
MinRK
|
r15641 | var caja; | ||
| if (window && window.html) { | ||||
| caja = window.html; | ||||
| caja.html4 = window.html4; | ||||
|
MinRK
|
r15651 | caja.sanitizeStylesheet = window.sanitizeStylesheet; | ||
|
MinRK
|
r15641 | } | ||
| var sanitizeAttribs = function (tagName, attribs, opt_naiveUriRewriter, opt_nmTokenPolicy, opt_logger) { | ||||
|
Jonathan Frederic
|
r19176 | /** | ||
| * add trusting data-attributes to the default sanitizeAttribs from caja | ||||
| * this function is mostly copied from the caja source | ||||
| */ | ||||
|
MinRK
|
r15641 | var ATTRIBS = caja.html4.ATTRIBS; | ||
| for (var i = 0; i < attribs.length; i += 2) { | ||||
| var attribName = attribs[i]; | ||||
| if (attribName.substr(0,5) == 'data-') { | ||||
| var attribKey = '*::' + attribName; | ||||
| if (!ATTRIBS.hasOwnProperty(attribKey)) { | ||||
| ATTRIBS[attribKey] = 0; | ||||
| } | ||||
| } | ||||
| } | ||||
| return caja.sanitizeAttribs(tagName, attribs, opt_naiveUriRewriter, opt_nmTokenPolicy, opt_logger); | ||||
| }; | ||||
|
MinRK
|
r15651 | var sanitize_css = function (css, tagPolicy) { | ||
|
Jonathan Frederic
|
r19176 | /** | ||
| * sanitize CSS | ||||
| * like sanitize_html, but for CSS | ||||
| * called by sanitize_stylesheets | ||||
| */ | ||||
|
MinRK
|
r15651 | return caja.sanitizeStylesheet( | ||
| window.location.pathname, | ||||
| css, | ||||
| { | ||||
| containerClass: null, | ||||
| idSuffix: '', | ||||
| tagPolicy: tagPolicy, | ||||
| virtualizeAttrName: noop | ||||
| }, | ||||
| noop | ||||
| ); | ||||
| }; | ||||
| var sanitize_stylesheets = function (html, tagPolicy) { | ||||
|
Jonathan Frederic
|
r19176 | /** | ||
| * sanitize just the css in style tags in a block of html | ||||
| * called by sanitize_html, if allow_css is true | ||||
| */ | ||||
|
MinRK
|
r15651 | var h = $("<div/>").append(html); | ||
| var style_tags = h.find("style"); | ||||
| if (!style_tags.length) { | ||||
| // no style tags to sanitize | ||||
| return html; | ||||
| } | ||||
| style_tags.each(function(i, style) { | ||||
| style.innerHTML = sanitize_css(style.innerHTML, tagPolicy); | ||||
| }); | ||||
| return h.html(); | ||||
| }; | ||||
|
MinRK
|
r15654 | var sanitize_html = function (html, allow_css) { | ||
|
Jonathan Frederic
|
r19176 | /** | ||
| * sanitize HTML | ||||
| * if allow_css is true (default: false), CSS is sanitized as well. | ||||
| * otherwise, CSS elements and attributes are simply removed. | ||||
| */ | ||||
|
MinRK
|
r15651 | var html4 = caja.html4; | ||
| if (allow_css) { | ||||
| // allow sanitization of style tags, | ||||
| // not just scrubbing | ||||
| html4.ELEMENTS.style &= ~html4.eflags.UNSAFE; | ||||
| html4.ATTRIBS.style = html4.atype.STYLE; | ||||
| } else { | ||||
| // scrub all CSS | ||||
| html4.ELEMENTS.style |= html4.eflags.UNSAFE; | ||||
| html4.ATTRIBS.style = html4.atype.SCRIPT; | ||||
| } | ||||
|
MinRK
|
r15636 | var record_messages = function (msg, opts) { | ||
| console.log("HTML Sanitizer", msg, opts); | ||||
| }; | ||||
|
MinRK
|
r15641 | |||
| var policy = function (tagName, attribs) { | ||||
| if (!(html4.ELEMENTS[tagName] & html4.eflags.UNSAFE)) { | ||||
| return { | ||||
| 'attribs': sanitizeAttribs(tagName, attribs, | ||||
| noop, noop, record_messages) | ||||
| }; | ||||
| } else { | ||||
| record_messages(tagName + " removed", { | ||||
| change: "removed", | ||||
| tagName: tagName | ||||
| }); | ||||
| } | ||||
| }; | ||||
|
MinRK
|
r15651 | |||
|
MinRK
|
r15654 | var sanitized = caja.sanitizeWithPolicy(html, policy); | ||
|
MinRK
|
r15651 | |||
| if (allow_css) { | ||||
| // sanitize style tags as stylesheets | ||||
|
MinRK
|
r15654 | sanitized = sanitize_stylesheets(result.sanitized, policy); | ||
|
MinRK
|
r15651 | } | ||
|
MinRK
|
r15654 | return sanitized; | ||
|
MinRK
|
r15636 | }; | ||
|
Jonathan Frederic
|
r17212 | var security = { | ||
|
MinRK
|
r15651 | caja: caja, | ||
|
MinRK
|
r15636 | sanitize_html: sanitize_html | ||
|
Brian E. Granger
|
r15632 | }; | ||
|
Jonathan Frederic
|
r17212 | |||
| IPython.security = security; | ||||
| return security; | ||||
|
Jonathan Frederic
|
r17196 | }); | ||